How to Beat Hackers Targeting Backups with Ransomware Attacks

If your business is like most, chances are it has a pretty good backup strategy. You’re probably backing up critical data regularly, and that’s a good thing. But it’s not nearly enough. In fact, if your backups haven’t yet been targeted by ransomware, it’s only a matter of time.

Ransomware attacks grew by more than 365% in 2019 alone, and a growing number of those target backups. If you are attacked, your business could be forced to decide whether to pay the ransom. Plenty of people are doing just that, and it’s expensive. One recent report found that the average cost of getting back to normal, including the ransom, costs nearly $1.5 million.

There are very good reasons why hackers are attacking backups: They know that the data in those backups are the keys to the kingdom, and they are extremely profitable.

“It’s big business. In fact, it’s one of the bigger software ventures where you can make money quickly, and the bad guys know it,” said Marc Staimer, a storage industry analyst at Dragon Slayer Consulting. “It’s organized, state-sponsored crime, and like any business, they reinvest the profits in R&D and go after anything that threatens those profits.”

The result is a high-stakes cat-and-mouse game that sees backup vendors figuring out how to stop one type of threat, only to have hackers come up with new ways to get at backups. It’s a never-ending cycle.

The Game of Whack-a-Mole Begins

So how did we get to this place? Ransomware has been a problem for a long time, but hackers didn’t get around to effectively targeting backups with ransomware attacks until a few years ago. In 2017, the industry got a big shock with the Veeam ransomware incident, which put everyone on high alert. As one of the largest backup vendors in the world, hackers knew it was a good target. Hackers who found the backup repositories on the network would delete them, and then detonate ransomware’s payload so the data could no longer be recovered.

Bolstered by that success, hackers kept pushing the envelope, and backup vendors pushed back. First, they did what they could to educate their customers to make sure backups were up-to-date and tested often,…